Forward unisys
-
Upload
ewout-dekkinga -
Category
Documents
-
view
1.476 -
download
1
description
Transcript of Forward unisys
Forward! by
Secure, Scalable, Cost-effective and Mission-critical fabric
Unisys
2© 2013 Unisys Corporation. All rights reserved. 2
the remaining 10-50% of your IT workloads
Does this describe
your IT Organization?
Concerns about “virtualizing”
cost effective way to move your RISC/UNIX mission critical workloads without concerns
“systems approach” to deploying a major application like SAPNeed a cost effective & less complex
Looking for a
Security & Performance
3© 2013 Unisys Corporation. All rights reserved. 3
Performance (44%) & Security (41%) are the biggest concerns*
Between 40 – 45% are reluctant to migrate mission critical applications*
You are not alone
* Based on a 2013 IDG study commissioned by Unisys
65% of Unix Systems will migrate to Linux by 2017 Source Gartner
70% of SAP Production Systems run on Physical Servers Source: Aberdeen Group
80% of Scale out ERP will migrate to Linux by 2017 Source Gartner
Forward!The Best of Physical & Virtual
s-Par® (Secure Partitioning) and Intel Xeon
High Speed Interconnect
Fabric Management Platform (FMP)
Certified Enterprise Windows and Linux
Data Foundation Hadoop
Military Grade Security
•Dedicated High Availability, Reliability and Security on Intel Xeon
•Fabric based Scalability, Low Latency and High Performance
•Simply Unified Management Single System Dashboard
•Open Operating Environments with Choice of Pre-configured Images
•Embedded Enhanced Security for Data Center
•Faster Access and Analysis of Big Data for Business Intelligence
Forward! by Unisys™ Core Building Blocks
5© 2013 Unisys Corporation. All rights reserved. 5
Forward! by Unisys
Introducing
An innovative new way to deploy mission critical workloads via secure dedicated HW partitions on Intel Xeon based platforms running Windows and Linux environments connected with an extensible high speed fabric interconnect integrated and delivered as a system with single pane of glass management
Forward!Built from our mainframe heritage of security & scalability
Without compromise…
Reservationsper Second
5,500Voice
Mailboxes
150MOf the
World’s Cargo
30%Max Flexibility
Max
Iso
lati
on
Unix Hard Partitioning
Software/Firmware
Partitioning
- IBM’s LPAR (AIX only)
- Sun’s LDOM (Solaris only)
Type 1 (Native VMM)
- ESX Server
- Xen
- Hyper-V
Type 2 (OS hosted)
- Linux KVM
- MS Virtual Server
- VMware Server
sPar ®
(Windows and Linux)
7© 2013 Unisys Corporation. All rights reserved. 7
Forward!
IO Specialty Partitions
Xeon Partitioning
Architectural evolution from Mainframe to X86Next generation to FABRIC & beyond
OS & DB SpecialtyPartitions
S-Par Xeon Partitioning
IO SpecialtyPartitions
S-Par Xeon Partitioning
2010Introduced a single platform distributed
OS architecture using s-Par® Xeon Platform Partitioning technology
ClearPath Mainframe Entry Performance/Capacity
Operating Systemand Database
Operating Systemand Database
ClearPath Mainframe High Performance/Capacity
2012Introduced a multi-platform distributed OS architecture,
multiple Xeon platforms connected using industry available high speed
point to point interconnect
Forward! Fabric
2013Introduce Unisys fabric computing, a multi-node infrastructure connected using a high
speed switched interconnect, that is partition-able for the purpose of supporting
heterogeneous Intel Xeon based applications, databases and operating
environments
High Speed and Secure Interconnect (switched)
S-Par Xeon Partitioning
Linux
Unisys Intel Platform
Customer selectable
configurations
S-Par Xeon Partitioning
W/L
Unisys Intel Platform
W/L
S-Par Xeon Partitioning
X-Large
Unisys Intel Platform
Mixed Partition
Sizes
S-Par Xeon Partitioning
Small
Unisys Intel Platform
Large
Linux Windows
Enterprise Windows and Linux Node
1 Platform
1 of ‘x’ Platforms
1 of 4 Platforms
Architectural evolution leading up to Forward! Fabric, delivering products along the journey
Enterprise Windows and Linux Node
Partition Size
Cores Memory NIC Ports
HBA Ports
X-Large 14 123 GB 12 6
Large 8 82 GB 8 4
Medium 4 41 GB 4 2
Small 2 20 GB 2 1
Physical Server+ Predictable Performance+ Dedicated resources to one
application+ Application Isolation+ S/W licensing ‘clarity’+ Simplified management and
monitoring- Typically Underutilized- 1 app / server = server
sprawl- Highest cost for HW/SW
maintenance/ Power/ Cooling
Hardware
OS
Application
One Server
Dedicated CPU, I/O, Memoryfor each partition
OS
App
OS OS
App App
s-Par s-Par s-Par
One Server
Secure Partitioning+ Predictable performance + Dedicated Resources
+ Processor+ Memory+ I/O & Storage
+ Partition isolation for security + Single pane of glass+ - Limited OS choices
- Windows 2012 / 2008 R2- Enteprise Linux
Virtualized Server+ Increase workload density=
fewer servers+ Dynamic capacity allocation
with shared resources+ Good for many ‘non critical’
workloads- Performance can varies by
workload, time of day etc. - S/W licensing ‘complexity’- Significant management- Typically Oversubscribed
Shared HardwareResources
Virtualization
OS
App
OS
App
OS
App
One Server
Forward!The Best of Physical & Virtual
9© 2013 Unisys Corporation. All rights reserved. 9
The Forward! Fabric Based Infrastructure
PLATFORM 1
Intel x86-64 (VT-x) Platform
Unisys Secure Partitioning
LL
PLATFORM 2
Intel x86-64 (VT-x) Platform
Unisys Secure Partitioning
W
PLATFORM 4….16
Intel x86-64 (VT-x) Platform
Unisys Secure Partitioning
W L
High Speed Interconnect
Partition Multiple Operation Environments Across Platforms, Geographies and the Cloud
L – LinuxW – Windows
PLATFORM 3
Intel x86-64 (VT-x) Platform
Unisys Secure Partitioning
W W W W
L
W
W L LW
InfiniBand 56GB Switch
Up to 16 nodes and 96 partitions per Fabric
L
Forward!Fabric Management
• Simple Management Interface
• Deploy Partitions in Minutes
• Manage Partition Health
• Secure Partition Connectivity in memory or across servers
• Definable Blue Prints to Replicate Environments
• Dedicate Resources to Partitions for Predictive Performance
Framework
UnifiedMonitoring
Provision & Configure
Identity and Access Mgmt
Alerts / EventsRemediation
Platform Management
Partition Management
Automation
Audit / Logging
SINGLE PANE OF GLASS
Diagnostics
Forward!How does
Impact a typical system configuration?
We
bse
rve
r
We
bse
rve
r
We
bse
rve
r
We
bse
rve
r
We
bse
rve
r
We
bse
rve
r
We
bse
rve
r
We
bse
rve
r
We
bse
rve
r
We
bse
rve
r
We
bse
rve
r
We
bse
rve
r
AP
Ps
erv
er
AP
Ps
erv
er
AP
Ps
erv
er
AP
Ps
erv
er
BD
se
rve
r
DB
se
rve
rSwitch
Challenge with Physical Infrastructure• Complex configurations• High cost of infrastructure• Higher licensing costs• Security Issues• High power, space, maintenance
and administrative costs
Average Physical Server Utilization – 5% - 15% Gartner
10 GB
From 18 Individual Physical Servers
Forward!The Forward! Advantage
Switch
Benefits of Forward!• Reduce servers by up to 75%• Deploy and resize in minutes• Reduced licensing & networking costs• Physical server isolation, predictability
and redundancy• Increased Security
• Secure Partitions• Point to Point Network
Communications• StealthTM cloaking
• Increased performance• In memory connections• 4-5X faster interconnect
• Reduced power, space, maintenance and administration
We
bse
rve
r
We
bse
rve
r
We
bse
rve
r
We
bse
rve
r
We
bse
rve
r
We
bse
rve
r
We
bse
rve
r
We
bse
rve
r
We
bse
rve
r
We
bse
rve
r
We
bse
rve
r
We
bse
rve
r
AP
Ps
erv
er
AP
Ps
erv
er
DB
se
rve
r
AP
Ps
erv
er
AP
Ps
erv
er
DB
se
rve
r
Consolidate to 4 Forward! Nodes
with 18 Secure Partitions
56 GB
Server Platform 1 Server Platform 2
Server Platform 4
Server Platform 3
Rates of consolidation will vary based on the system configuration and size
In memory connect In memory connect
Forward!The Capabilities
Reduced Complexity• Single Pane of Glass
Management for simple administration
• Flexible & Secure Mission Critical Partitioning
• Virtually Unlimited Scalability with in-memory & high interconnect • Secure partitions to protect
data & comply with regulations
• Protect data at rest & in motion
• Advanced security with integrated StealthTM
• Consolidate mission critical apps without compromise – up to 6:1
• Built in security to streamline protection saving up to 36%
• Leverage Cost Effective Intel Xeon Technology
Reduced Cost
Reduced Risk
Forward!The Use Case of
• Increase workload density with predictable performance
• Dedicated Resources– Processor, Memory,
I/O and Storage
• Partition isolation for security
• Single pane of glass = simplified management and monitoring
• Right sized for workloads
• Scale-up and scale-out storage for near-unlimited growth in performance and data capacity
• Dedicated, Storage Partition for each s-Par or COI
– Multi-protocol I/O ports, LUNs and/or Flexible Volumes isolated from all other s-Pars and COIs
• Each Storage Partition is right-sized and scalable
• Common management tools across all models in storage family
• Right-sized for capacity and performance
• Enterprise-proven Five 9s reliability
Secure partitioning – mixed workloads
OS
App
s-Par
OS
App
s-Par
OS
App
s-Par
One Server
Dedicated CPU, I/O, Memoryfor each partition
Storage Partition
Storage Partition
Storage Partition
Secure, Virtualized Scale-Out Storage
Multiple storage vendors supported
Fabric-based computing
Forward!The Use Case of
Accelerate UNIX to LINUX migrations
> 50% Faster
ServiceRequest
Design and Size
DC Planning
ProcureDetailedDesign
Deploy Test
DC Planning
Procure Deploy Test
ServiceAvailable
X X
Weeks or Months
ServiceAvailable
ServiceAvailable
Benefits• Agile service delivery • Higher productivity• Faster deployment• Predictable performance• Stealth and Communities of Interest
Traditional
With Forward! • Reference BoM • Validated design• Secure deployment • Performance test plan
DC Planning
Procure Deploy Test
Pre-provisioned Infrastructure Platform• Rapid deployment of applications• Shared pools meet most requirements
Forward!Migration Service
MigrationServices
Forward Stack
Oracle DB /IBM DB2
HP-UX /IBM AIX /
Oracle Solaris
HP n-Par / IBM L-Par Oracle VM for Sparc (Ldoms)
Ethernet Interconnect
Itanium / Power / Sparc
IBM WebSphere /Oracle WebLogic /
SAP NetWeaver
SAP Oracle(PeopleSoft/JDEdwards/Hyperion)
ERP/CRM/SCM/PLM/FMS/BI
Un
ix S
yste
m V
end
or
Su
pp
ort
an
d
Ser
vice
s Ban
kin
g/F
SS
Go
vern
men
t
Telc
o
Tran
spo
rtat
ion
System Integrator
Unix Stack
Oracle DBMS /IBM DB2 /
Microsoft SQL Server /MySQL /
Red Hat Linux /SuSe Linux /
Microsoft Windows
Unisys S-Par,High Speed Interconnect
SPoG System Management(opt. Stealth, Hadoop instance)
Intel Xeon VT-x / VT-d
IBM WebSphere /Oracle WebLogic /SAP NetWeaver /Red Hat Jboss /Microsoft .NET
SAP Oracle(PeopleSoft/JDEdwards/Hyperion)
ERP/CRM/SCM/FMS/PLM/BI
Un
isys
Su
pp
ort
an
d S
ervi
ces
Ban
kin
g/F
SS
Go
vern
men
t
Telc
o
Tran
spo
rtat
ion
System Integrator
Processor Architecture
System Software(Partitioning, Interconnect)
Operating System
Database System
Application Server
Application Vendor
Application Type
Industry Focus
Forward!The Use Case of
SAP Migration and consolidation
• Save 25 – 33% through server consolidation reducing servers and licensing1
• Reduce Servers by 75%2
• Up to 45% project timeline savings for SAP upgrade2
• SAPS performance improvement via high speed interconnect across multi-nodes
• Predictability of application performance for Unix like RAS with better Price/Performance3
• Ideal Architecture for HANA based applications modules
1 Oliver Wyman report: Growing Importance of Development and Test Solutions in SAP Environments 2 Oliver Wyman report: SAP Total Cost Comparison3 Oliver Wyman Study: Making Green IT a Reality
• TCO Application Environments– 39% lower TCO for Oracle
– 55% lower TCO for SAP
– 30% lower TCO for Exchange
– 44% lower TCO for file
– 35% lower TCO for archive
• Operational Efficiency– 50% less rack space
– 52% less power
– 51% lower heat
Forward!Reference SAP migration
Migrated SAP ERP applications from an IBM Power 770 mainframe running the Unix-based AIX operating system to a lower-cost Forward!
CEO M. Battistoni: “The Forward! platform showed Aspasiel a
cost-efficient way to benefit from the power of the Unisys secure partitioning technology on an industry-standard Intel platform while retaining the security and predictable performance we’ve come to
expect from our RISC-Unix- system”
“The Forward! platform helps set the stage for a future transition to the SAP
HANA environment so we can realize the benefits of big data for our business.”
http://www.unisys.com/unisys/news/detail.jsp?id=1120000970027910182
Security just isn’t good enough
Today’s
Perimeter
Stealth
It makes communication endpoints “dark” on a network
So users and assets are virtually invisible to
all unauthorized parties inside and outside the enterprise
Unisys Stealth solution for networks achieved EAL-4+ certification from the National Security Agency (NSA) as a secure solution for protecting data-in-motion across any network – public or private. This qualifies Unisys Stealth to protect U.S. Defense Department
data classified up to the ‘SECRET’ level.
Unisys Stealth is a Cryptographic Bit Splitting
Technology (CBST) Solution that can run in every endpoint
Unisys Stealth - Windows XP System IsolationSegregate Automation and Process Control
Problem: XP Security Patches terminated for A&PC Devices
Microsoft will terminate cost-effective support for Windows XP operating systems in April 2014, but these workstations may need to be deployed for years to come. Automation and Process Control devices pose a greater risk for compromise because of their specialty uses to monitor and/or control critical processes (e.g. power generation). Certain security requirements state that cyber security risks associated with process control systems can be significantly mitigated by segmenting or isolating A&PC systems on the network.
Business App Server
Stealth ProtectedAutomation and Process Control Workstations
BusinessWorkstations
Special ProcessingSystems
Solution:
• Deploy Unisys Stealth to segregate XP assets from the rest of the network
• Mitigate risk associated with network connectivity while not receiving security updates for legacy OS’s
• Employ network segregation to:
- Darken the segregated systems from would-be attackers so they are not discoverable via typical network scanning techniques
- Allow access to core IT Services
- Restrict access to Internet
• Increase security and eliminate XP maintenance expense
http://www.unisys.com/unisys/landingPages/index.jsp?id=1120000970027510165
22© 2013 Unisys Corporation. All rights reserved. 22
Forward! SummarizedProtecting Applications and Data
• Isolate applications through secure partitions segmenting the environments into smaller containers to limit vulnerability (Standard VM shares resources globally…a breach impacts all)
• Eliminate unauthorized external communications through out of band configurations
• Prevent VM aware viruses with low profile partitions and managed boot configurations
• Isolate traffic through out of band secure communications between partitions and nodes eliminating hijacking
• Define each platform, part or port through fabric management and partitioning group membership for secure trusted connections
• Strict switching fabric requiring direct addressing to secure traffic
• Center of Internet Security (CIS) benchmarks based standard configurations
• Automate hardening operating system best practices for consistent commissioning
• Simplified operating system administration to adjust and modify security settings
• Forward! management and monitoring are out of band and not available for hijacking from other LANs
• Clear text data exchange between Forward! services and application execution never exposing information to other LANs
• StealthTM Option to Cloak end points, data and servers
Secure Partitioning Software Driven Secure Networking
Hardened Operating Environments
Purpose BuiltLAN Security